CVE-2019-12468

2019-07-10T15:15:00
ID CVE-2019-12468
Type cve
Reporter cve@mitre.org
Modified 2019-07-17T15:25:00

Description

An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.27.0 through 1.32.1. Directly POSTing to Special:ChangeEmail would allow for bypassing re-authentication, allowing for potential account takeover.